NotCVE - vendor:"Social Icons Widget By Wpzoom" product:"Social Icons Widget By Wpzoom" version:" >= 0.0.0 <= 4.2.15"

1 results (0.003 seconds)

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-30464 – WordPress Social Icons Widget & Block by WPZOOM plugin <= 4.2.15 - Broken Access Control vulnerability

https://notcve.org/view.php?id=CVE-2024-30464

Missing Authorization vulnerability in WPZOOM Social Icons Widget & Block by WPZOOM.This issue affects Social Icons Widget & Block by WPZOOM: from n/a through 4.2.15. Vulnerabilidad de autorización faltante en WPZOOM Social Icons Widget & Block de WPZOOM. Este problema afecta a Social Icons Widget & Block de WPZOOM: desde n/a hasta 4.2.15. The Social Icons Widget & Block by WPZOOM plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the zoom_ajax_set_pointer_transient() function in versions up to, and including, 4.2.15. This makes it possible for authenticated attackers, with subscriber-level access and above, to set pointer transients. • https://patchstack.com/database/vulnerability/social-icons-widget-by-wpzoom/wordpress-social-icons-widget-block-by-wpzoom-plugin-4-2-15-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •